Re: Tor server "nami" taken by the German Police

[John Case <case@xxxxxxxxxxxxxxxx>]

On Wed, 30 Sep 2009, tor@xxxxxxxxxxxx wrote:

> For residential IPs it is not possible to distinguish a tor node from a
> person. Only recently I was thinking that German police probably learned
> from their first raid. Now this is coming along, but again, they
> couldn't know it was a tor node until they visited the friendly bloke.
> Would be interesting to know if any colo machines have been affected
> again after the 2007 incident.


I would also very much like to know this.

In addition, I would be very interested in knowing who authorities are 
eventually passed through to in a colo/datacenter scenario.

If a full service datacenter gives a multi-rack ISP a /24 or /22, and then 
that ISP sells a half rack to a VPS provider who sells a VPS to an end 
user who then runs an exit node ... does a police contact ever even make 
it to the end user ?

Finally, what generalizations can be made about the behaviors that 
eventually lead to a police interaction ?  Is it a website on the public 
Internet that is either taken over, or run from day one as a sting, and 
they collect the IPs that connect ?  Is it news postings that appear to 
come from a particular IP ?  I don't see a raid coming as the result of a 
hidden service - where would an IP come from to point to that ?
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/